diff options
| author | V3n3RiX <venerix@redcorelinux.org> | 2019-11-03 16:06:58 +0000 |
|---|---|---|
| committer | V3n3RiX <venerix@redcorelinux.org> | 2019-11-03 16:06:58 +0000 |
| commit | bd4aeefe33e63f613512604e47bfca7b2187697d (patch) | |
| tree | adb35b5a9a00ee7ea591ab0c987f70167c23b597 /sys-apps/file | |
| parent | 48ece6662cbd443015f5a57ae6d8cbdbd69ef37c (diff) | |
gentoo resync : 03.11.2019
Diffstat (limited to 'sys-apps/file')
| -rw-r--r-- | sys-apps/file/Manifest | 3 | ||||
| -rw-r--r-- | sys-apps/file/file-5.37-r1.ebuild (renamed from sys-apps/file/file-5.37.ebuild) | 4 | ||||
| -rw-r--r-- | sys-apps/file/files/file-5.37-CVE-2019-18218.patch | 36 |
3 files changed, 41 insertions, 2 deletions
diff --git a/sys-apps/file/Manifest b/sys-apps/file/Manifest index 4c0ad9a9247a..1543fd8b1b8b 100644 --- a/sys-apps/file/Manifest +++ b/sys-apps/file/Manifest @@ -1,6 +1,7 @@ +AUX file-5.37-CVE-2019-18218.patch 1038 BLAKE2B 30622d39fb4006b07fabab70dfe6fc3f574aac769c7728bada7b622fd670616efc12d42cabf95b32a8a98c811e171059af2e127c170c1935dc00def4a1fc05b6 SHA512 3517e35db03944bcca6da28ddac9f0d08ce052b03d1508d26851fd6691bedc89f3974822a1559576987c8c10a0343bc8788cc7df52406d66a591ddcd39b23a5c DIST file-5.36.tar.gz 875792 BLAKE2B ce1d98148e26c243982bb85357d440ab774fc42c526bca4dbff15c05247d2c15b54b030671a5590020fa5383c436204116f7817ec4dd33aa4387b059e4d7fe21 SHA512 3ec5e51ffb7a82defa74845a90fbc983f6e169fc116606049bc01ff6e720d340c8abf6eb7a08b9ac1099162a5c02deac3633b07b039d486344c8abd9052ca751 DIST file-5.37.tar.gz 887682 BLAKE2B c5635e5de879af31cbef1c988275ab8620133909d146769b27a2f8eefa90871fad5fa75e66b9e1d77a6261e5d6dec315fb5a8ad587d8c214eaa0bc2e5a929fe7 SHA512 bf153c15aebdd00329806231d20f295077b8b99efd0181d01279bcf3734a1718567df38cf75bc929eb8015ac98d29bb4bf1228d7ece8bfdfe14dd976391dd06d EBUILD file-5.36.ebuild 3140 BLAKE2B 5dd07458582785009964253e23e2e52f1abf1ca163aea5b4c4a504fcc5d85443a3a865edfeeebb29b5be6c02db00eb010d91be1777072fc2f7b4713b95decea0 SHA512 261875b1a18aedea7ca70e54fdadb974ed40d8ef42852fa1b9f88860402fa7fa1ad27d36f52adf6390205aecab16b58d8c0464f1dcbbfb051a451bdbd32e6788 -EBUILD file-5.37.ebuild 3161 BLAKE2B 2d9f6df18cb95bc3aecd3742fb840b4a35aebbb216d7333575593848eb6a4e05ea8f03c25fce9b0c3347c1886019428e4776ea0a2a871b3f6cfcdf293752ba8d SHA512 ae4bbeceb8d2f47728de23338cb148d9578ecfb3326d3b5880f3ef733a71737f8d1afeed68b8670084eb4c43efea763d2ebe64ceb61d4cd2a8fb6da1a81eb803 +EBUILD file-5.37-r1.ebuild 3209 BLAKE2B ef43572b251dea058e097956c54d58c79c2496a9fbe277ac6098ae22cf4f574f48ac5b8dee0a67599267022fbf559b5cf76d59822c56f840f527b2347fab9aef SHA512 52a2f42b4354de7dcf247328d9e169ec3fe2f4c9663fc8496ca5d6cd753dbd8e5569a26dace28d46c0002f4a39382a62e8fc89907bbb027c349ae30e7375d32d EBUILD file-9999.ebuild 3240 BLAKE2B deaea9fdf075c13ae9584fb37ad19193485118b9e4c5289b5fdf5bc365431a50df698b11cea463b4ce939d8534bd371fc0a64fac7f4b9b131c59054f79e035f4 SHA512 31da4beb4b69906ce21177453922c3e23a8580e0378135428f1e2ab8de1e34cce368dccebcecd6973bd5879351152156010d60982e393e1fcad632ddc755fb22 MISC metadata.xml 316 BLAKE2B 475092518eaf152f7e153e84a12c7089e665a5fc089045b6fa2d452eaf726566cade92c65ef19ba5cb205e586d161e90e514b60c8587699ca5c9885565ca3b60 SHA512 8b334ba7a606600ad0548ef0ab7aa809a8fda040104d1663bfe179828a831e621128145325aba158fccf94a7f9a3ca1c9164db979a85e639403a079f0deb622a diff --git a/sys-apps/file/file-5.37.ebuild b/sys-apps/file/file-5.37-r1.ebuild index 7aa0f8d8888c..746e3380b6e6 100644 --- a/sys-apps/file/file-5.37.ebuild +++ b/sys-apps/file/file-5.37-r1.ebuild @@ -13,7 +13,7 @@ if [[ ${PV} == "9999" ]] ; then inherit autotools git-r3 else SRC_URI="ftp://ftp.astron.com/pub/file/${P}.tar.gz" - KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sh ~sparc ~x86 ~ppc-aix ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~m68k-mint ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris" + KEYWORDS="~alpha amd64 arm ~arm64 hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sh sparc x86 ~ppc-aix ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~m68k-mint ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris" fi DESCRIPTION="identify a file's format by scanning binary data for patterns" @@ -33,6 +33,8 @@ DEPEND=" RDEPEND="${DEPEND} python? ( !dev-python/python-magic )" +PATCHES=( "${FILESDIR}"/${P}-CVE-2019-18218.patch ) + src_prepare() { default diff --git a/sys-apps/file/files/file-5.37-CVE-2019-18218.patch b/sys-apps/file/files/file-5.37-CVE-2019-18218.patch new file mode 100644 index 000000000000..1cd02b778abf --- /dev/null +++ b/sys-apps/file/files/file-5.37-CVE-2019-18218.patch @@ -0,0 +1,36 @@ +CVE-2019-18218 +https://github.com/file/file/commit/46a8443f76cec4b41ec736eca396984c74664f84 + +--- a/src/cdf.c ++++ b/src/cdf.c +@@ -1027,8 +1027,9 @@ cdf_read_property_info(const cdf_stream_t *sst, const cdf_header_t *h, + goto out; + } + nelements = CDF_GETUINT32(q, 1); +- if (nelements == 0) { +- DPRINTF(("CDF_VECTOR with nelements == 0\n")); ++ if (nelements > CDF_ELEMENT_LIMIT || nelements == 0) { ++ DPRINTF(("CDF_VECTOR with nelements == %" ++ SIZE_T_FORMAT "u\n", nelements)); + goto out; + } + slen = 2; +@@ -1070,8 +1071,6 @@ cdf_read_property_info(const cdf_stream_t *sst, const cdf_header_t *h, + goto out; + inp += nelem; + } +- DPRINTF(("nelements = %" SIZE_T_FORMAT "u\n", +- nelements)); + for (j = 0; j < nelements && i < sh.sh_properties; + j++, i++) + { +--- a/src/cdf.h ++++ b/src/cdf.h +@@ -48,6 +48,7 @@ + typedef int32_t cdf_secid_t; + + #define CDF_LOOP_LIMIT 10000 ++#define CDF_ELEMENT_LIMIT 100000 + + #define CDF_SECID_NULL 0 + #define CDF_SECID_FREE -1 |